src/java.base/share/classes/sun/security/provider/PolicyFile.java
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -28,18 +28,18 @@
import java.io.*;
import java.lang.reflect.*;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URI;
+import java.nio.file.Files;
import java.nio.file.Path;
import java.util.*;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
-import java.io.FilePermission;
import java.net.SocketPermission;
import java.net.NetPermission;
import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.access.JavaSecurityAccess;
import static jdk.internal.access.JavaSecurityAccess.ProtectionDomainCache;
@@ -271,27 +271,10 @@
* subsequently ignored.
*/
private static Set<URL> badPolicyURLs =
Collections.newSetFromMap(new ConcurrentHashMap<URL,Boolean>());
- // The default.policy file
- private static final URL DEFAULT_POLICY_URL =
- AccessController.doPrivileged(new PrivilegedAction<>() {
- @Override
- public URL run() {
- String sep = File.separator;
- try {
- return Path.of(StaticProperty.javaHome(),
- "lib", "security",
- "default.policy").toUri().toURL();
- } catch (MalformedURLException mue) {
- // should not happen
- throw new Error("Malformed default.policy URL: " + mue);
- }
- }
- });
-
/**
* Initializes the Policy object and reads the default policy
* configuration file(s) into the Policy object.
*/
public PolicyFile() {
@@ -347,17 +330,14 @@
}
private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
// always load default.policy
- if (debug != null) {
- debug.println("reading " + DEFAULT_POLICY_URL);
- }
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
- init(DEFAULT_POLICY_URL, newInfo, true);
+ initDefaultPolicy(newInfo);
return null;
}
});
if (url != null) {
@@ -371,11 +351,11 @@
debug.println("reading " + url);
}
AccessController.doPrivileged(new PrivilegedAction<>() {
@Override
public Void run() {
- if (init(url, newInfo, false) == false) {
+ if (init(url, newInfo) == false) {
// use static policy if all else fails
initStaticPolicy(newInfo);
}
return null;
}
@@ -427,11 +407,11 @@
policyURL = new URL(extra_policy);
}
if (debug != null) {
debug.println("reading "+policyURL);
}
- if (init(policyURL, newInfo, false)) {
+ if (init(policyURL, newInfo)) {
loaded_policy = true;
}
} catch (Exception e) {
// ignore.
if (debug != null) {
@@ -470,11 +450,11 @@
}
if (debug != null) {
debug.println("reading " + policy_url);
}
- if (init(policy_url, newInfo, false)) {
+ if (init(policy_url, newInfo)) {
loaded_policy = true;
}
} catch (Exception e) {
if (debug != null) {
debug.println(
@@ -490,15 +470,38 @@
});
return loadedPolicy;
}
+ private void initDefaultPolicy(PolicyInfo newInfo) {
+ Path defaultPolicy = Path.of(StaticProperty.javaHome(),
+ "lib",
+ "security",
+ "default.policy");
+ if (debug != null) {
+ debug.println("reading " + defaultPolicy);
+ }
+ try (BufferedReader br = Files.newBufferedReader(defaultPolicy)) {
+
+ PolicyParser pp = new PolicyParser(expandProperties);
+ pp.read(br);
+
+ Enumeration<PolicyParser.GrantEntry> enum_ = pp.grantElements();
+ while (enum_.hasMoreElements()) {
+ PolicyParser.GrantEntry ge = enum_.nextElement();
+ addGrantEntry(ge, null, newInfo);
+ }
+ } catch (Exception e) {
+ throw new InternalError("Failed to load default.policy", e);
+ }
+ }
+
/**
* Reads a policy configuration into the Policy object using a
* Reader object.
*/
- private boolean init(URL policy, PolicyInfo newInfo, boolean defPolicy) {
+ private boolean init(URL policy, PolicyInfo newInfo) {
// skip parsing policy file if it has been previously parsed and
// has syntax errors
if (badPolicyURLs.contains(policy)) {
if (debug != null) {
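Review bot: The new `initDefaultPolicy` has no doc comment, and its two security-relevant properties are only implicit in the code: it passes `null` as the keystore to `addGrantEntry`, and it turns every failure into an `InternalError` instead of returning a status the caller can fall back on, as `init` does for other policy files. I would add a Javadoc that says so, for example `/** Loads <java.home>/lib/security/default.policy directly from the file system, without a keystore; any read or parse failure is fatal. */`. The error could also carry the resolved path, `throw new InternalError("Failed to load " + defaultPolicy, e);`, so a missing or unreadable file in a relocated runtime image is easy to diagnose. `Files.newBufferedReader(Path)` decodes strictly as UTF-8; the charset used by the URL-based `init` is not visible here because its body continues outside the hunk, so it is worth confirming that the encoding of default.policy did not change with this commit.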
@@ -535,25 +538,19 @@
PolicyParser.GrantEntry ge = enum_.nextElement();
addGrantEntry(ge, keyStore, newInfo);
}
return true;
} catch (PolicyParser.ParsingException pe) {
- if (defPolicy) {
- throw new InternalError("Failed to load default.policy", pe);
- }
// record bad policy file to avoid later reparsing it
badPolicyURLs.add(policy);
Object[] source = {policy, pe.getNonlocalizedMessage()};
System.err.println(LocalizedMessage.getNonlocalized
(POLICY + ".error.parsing.policy.message", source));
if (debug != null) {
pe.printStackTrace();
}
} catch (Exception e) {
- if (defPolicy) {
- throw new InternalError("Failed to load default.policy", e);
- }
if (debug != null) {
debug.println("error parsing "+policy);
debug.println(e.toString());
e.printStackTrace();
}